BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

GAQM Exam CPEH-001 Topic 5 Question 84 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 84
Topic #: 5
[All CPEH-001 Questions]

StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____ defense against buffer overflow attacks.

Show Suggested Answer Hide Answer
Suggested Answer: A

Canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, it will clobber the canary, making the overflow evident. This is a reference to the historic practice of using canaries in coal mines, since they would be affected by toxic gases earlier than the miners, thus providing a biological warning system.


Contribute your Thoughts:

Margo
5 months ago
I see your point, Rikki, but I still think Canary is the best defense.
upvoted 0 times
...
Rikki
5 months ago
I'm not so sure, I think it could also be D) Non-executing stack.
upvoted 0 times
...
Hui
5 months ago
I agree with Margo, Canary is a common defense against buffer overflow attacks.
upvoted 0 times
...
Margo
5 months ago
I think the answer is A) Canary.
upvoted 0 times
...
Eleonore
6 months ago
I've seen ssp/ProPolice in action before, and it definitely helps protect against buffer overflows.
upvoted 0 times
...
Margart
6 months ago
I don't think format checking alone is as effective as using a canary value in defense against buffer overflows.
upvoted 0 times
...
Marvel
6 months ago
But what about option C) Format checking? Couldn't that also help prevent buffer overflow attacks?
upvoted 0 times
...
Carlee
7 months ago
I agree, using a canary value can help detect buffer overflow attacks.
upvoted 0 times
...
Miesha
7 months ago
I think the answer is A) Canary.
upvoted 0 times
...
Solange
7 months ago
Hold up, I think I've got it. What if it's a trick question, and the real answer is D? I mean, the non-executing stack is a pretty fundamental defense against buffer overflows, right? Hmm, this is getting tricky.
upvoted 0 times
...
Joseph
7 months ago
Alright, let's think this through. StackGuard, ProPolice, and /GS – they all use the same underlying defense, and that's the canary. I mean, it's right there in the question. A all the way, no need to overthink it.
upvoted 0 times
...
Kimbery
7 months ago
You know, I'm kind of torn on this one. The canary seems like the obvious answer, but I've heard about those non-executable stacks too. Maybe that's the trick they're going for here? Guess I'll have to weigh the options carefully.
upvoted 0 times
...
Pearlene
7 months ago
Hah! Hex editing? Really? As if anyone would try to defend against buffer overflows with that. No, this is clearly a question about modern, sophisticated techniques. Gotta be the canary, no doubt about it.
upvoted 0 times
...
Carline
7 months ago
Hmm, I'm not so sure. Canary sounds like the right answer, but I can't help but wonder if there's a trick here. What if they're trying to throw us off with something like format checking? Gotta keep my wits about me for this one.
upvoted 0 times
...
Yaeko
8 months ago
Ah, the age-old buffer overflow attack. This question is really testing our knowledge of defensive techniques against this menace. I'm guessing the answer is A, Canary. Those little sentinels are the backbone of these anti-buffer overflow measures.
upvoted 0 times
Jules
6 months ago
Absolutely, the Canary approach is crucial in defending against buffer overflow attacks.
upvoted 0 times
...
Eun
6 months ago
A) Canary
upvoted 0 times
...
...

Save Cancel